package cn.wolfcode.rbac.web.interceptor;

import cn.wolfcode.rbac.domain.Employee;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.resource.DefaultServletHttpRequestHandler;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//        //不拦截静态资源的加载
        if (handler instanceof DefaultServletHttpRequestHandler){
            return true;
        }
//        //return true;
//        HttpSession session = request.getSession();
//        Employee employee = (Employee)session.getAttribute("USER_IN_SESSION");
//        if (employee != null){
//            return true;
//        }
//        response.sendRedirect("/login.html");
//        return false;
        Subject subject = SecurityUtils.getSubject();
        if(!subject.isAuthenticated()) {
            response.sendRedirect("/login.html");
            return false;
        }
//       Employee employee =(Employee)subject.getSession().getAttribute("USER_IN_SESSION");
//       if(employee!=null){
//           return true;
//       }

        return true;
    }
}
